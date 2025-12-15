The systems architecture for using commercial clouds has served federal agencies well for nearly 20 years.

The cloud movement sparked innovation in the design and deployment of applications, but the exploding use of artificial intelligence calls for a new cloud architecture, suggests Anish Patel, the head of federal civilian at cloud services company Cloudflare.

“If we think about the next generation of services that are going to rely on AI, there’s really a need for a new architecture in that,” Patel said during Federal News Network’s Industry Exchange Cloud 2025. “And so, how does that public cloud architecture, evolve?”

AI compute demands necessitate cloud evolution

He said the principal reason for this need derives from the compute demands of AI.

“AI is really the first thing since the development of the computer that’s been revolutionary on that compute scale,” Patel said.

Developers are folding AI into applications, along with technologies such as post-quantum cryptography and blockchain. Until now, those elements weren’t typically part of digital services.

“But when you combine all those things now,” Patel said, “thinking about the speed of interaction and how reliant you are on a network that’s trusted and reliable becomes really critical.”

Therefore, the resulting architecture must distribute compute power closer to clusters of end users, rather than executing solely in a given commercial cloud.

“If you can bring both that compute and that internet power as close to the end user as possible, that’s game-changing for where the internet is and where AI applications are going,” Patel said. Otherwise, the sheer processor cycle demands of AI will cause performance problems evident to users.

Architecting a reliable cloud architecture for all users

In thinking about the next architecture, IT staffs must consider both their organizations’ own users and external constituents, customers and business partners. Patel noted that many agencies have workforces scattered throughout the country. The need for reliability and low latency equals that of external users.

With reduced workforces, agencies will need to increase that reliability because the paper-based, office visit and telephone options may cease to exist.

“What’s coming next isn’t just that digital services are generally available, and when it’s not, you can pick up the phone or go into an office,” Patel said. “It’s just to be expected that all services are digital, and that service has an uptime and reliability level greater than TikTok or Twitter.”

He added, “There is a new generation of architectural thinking that has to come along with a distributed architecture.”

Patel made the analogy of search. Early Internet search functions, characterized by services like Ask Jeeves, were slow. Google, he said, revolutionized that with instantaneous results.

Today, when using public-facing generative AI sites, users “see it thinking, and there’s a couple of seconds there of it processing, and then it spits out an answer.”

That’s OK for now, he said, but the next generation of AI-enabled digital services will need the same step-function increase in performance that occurred with search.

The distributed architecture also includes distributed data, Patel noted. He said this requires special attention to data sovereignty, privacy and transparency — and secure handling.

“I may be a U.S. citizen traveling overseas, needing access to certain information in a particular country,” he said. “Especially if I’m an agency who’s globally distributed or has people that are traveling all over the world, I want to be able to process my information in a way that adheres to U.S. laws and follows the FedRAMP standard.”

Planning for distributed cloud architecture? Start with your users

Instituting a distributed architecture starts at the application development stage, Patel said.

“You have to start building for where the users are, wherever they are, and adjust to the users’ expectations,” he said. Also important? Building “for the next generation of services that aren’t fully built yet.”

Use of a containerized microservices approach helps because it lets an organization modify or upgrade parts and pieces of an application much more easily than traditional development techniques.

Still, Patel said, until recently “if it was distributed, it was on the agency and the IT folks to come figure out a way to distribute that application, have a disaster recovery strategy, et cetera. If you’re doing that manually, it’s still a highly complicated process, and you still have this scenario where it becomes overwhelming for the IT organization.”

That’s where companies like Cloudflare come in, Patel said. Cloudflare has built a hyper-distributed network together with the services for organizations to use. The company pioneered the idea of easy-to-adopt security for the Hypertext Transport Protocol, so organizations could readily obtain HTTPS status.

“You can now build your applications once and distribute everywhere at the same time, all over the place, and you don’t have to think about it,” he said. “You’re essentially offloading the capabilities of that application, infrastructure and services to vendors who are designed to essentially distribute this across the globe.”

Ensuring FedRAMP compliance in hyper-distributed cloud environments

That raises the question of FedRAMP compliance, the need for which would appear to severely limit the physical facilities on which federal applications can execute. That in turn means federal customers can’t always access the range of cloud services available to commercial customers.

Patel said that, in supporting a mission to “build a better internet,” Cloudflare wants “to ensure that everybody gets the same internet.” Its solution is to build the FedRAMP standards into the architecture itself, so that distributed instances of an application inherit compliance that was built into the original version.

“That means,” he said, “if there’s new services that are offered — new capabilities — and you need to extend the services to be tightly controlled in a particular way to a particular geography, you have the full control to be able to do that.”

The control ensures an agency can maintain public trust in an application and adjust how distributed instances operate.

“You may have certain areas where certain applications that you just want distributed everywhere,” Patel said, “and you need it to just be available for the user as fast as possible.”

On the other hand, he added, “You may have some cases where it makes more sense to for the application to be highly centralized in particular way and be able to route it to the right location.”

For example, at a local clinic somewhere offering medical services to veterans, “you want to make sure, regardless of the Wi-Fi they may have or the device they may have, that experience is still secure but performant, so the veteran can get through the process.”

Discover more articles and videos now on our Federal News Network’s Industry Exchange Cloud 2025.

Copyright © 2025 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.